
Everything We Know About WannaCry… and a New Beast Called Adylkuzz

The WannaCry ransomware attack, which has affected more than 200,000 victims in 150 countries, seems to be mostly under control, thanks to a patch by Microsoft and efforts by researchers and security companies. The ransomware attack exploited a flaw in Microsoft’s Windows XP operating system.

Besides issuing a patch, Microsoft, via a blog post by its president Brad Smith, criticized world leaders for stockpiling vulnerabilities in computer systems.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”

A few days ago, a pair of decryption tools were released that may allow users to regain access to their files without having to pay any ransom.

But now there is a brand new beast to worry about. Called Adylkuzz, it leverages the same hole in old Windows software used to spread WannaCry. Adylkuzz operates in the background of computers, installing a “miner” to generate a cryptocurrency called Monero. Cryptocurrency is digital money, which is generated by computing power. The more power you have, the more money you generate.

Adylkuzz went undetected until about a week ago, when it was found by security firm Proofpoint.

This new malware isn’t spreading as widely as WannaCry because Internet providers are blocking it once they become aware of it. Unlike WannaCry, the malware is not able to put itself onto other computers automatically.

How to Protect Yourself from WannaCry and Adylkuzz

If you have VIPRE Advanced Security or Endpoint Protection installed, you are protected from these malware threats. VIPRE’s Advanced Active Protection feature has been shown to be effective at stopping even previously-unknown strains of this threat.

Also, install the Microsoft patch immediately, even if you have VIPRE.

Click here for more information about the patch and the Windows versions and editions affected by WannaCry.

For a detailed technical explanation on how WannaCry works, check out this piece by VIPRE’s Director of Product Management, David Corlette.